March 18 — CISA and the FBI have warned of threats to satellite communication (SATCOM) networks and are advising network providers to improve their security posture.
Their advisory contains recommendations to help network providers and customers curtail potential consequences. CISA and the FBI released the advisory after an outage affected Viasat’s internet service for customers in Ukraine. This outage occurred on the same day Russia invaded Ukraine: February 28.
CISA is encouraging SATCOM operators to report and share indicators of malicious activity. The agencies are also urging providers to review the Office of the Director of National Intelligence’s February report, which delves into Russia’s anti-satellite technologies, capable of disrupting GPS and communication services.
Viasat reported that the incident was caused by a deliberate cyber event but that the network is now stabilized.
CISA has suggested that SATCOM operators:
- Utilize multi-factor authentication for accounts that access or manage networks.
- Enforce the use of complex passwords. Make sure password policies align with NIST guidelines. Avoid using default credentials.
- Enforce least-access privilege by removing unnecessary accounts.